Buffer Over-read Vulnerability in Ivanti Secure Access Client
CVE-2024-9843

5.5MEDIUM

Key Information:

Vendor: Ivanti
Status: Secure Access Client
Vendor: CVE Published:; 12 November 2024

Summary

A vulnerability in Ivanti Secure Access Client allows for a buffer over-read, which could be exploited by a local unauthenticated attacker. This may lead to a denial of service, affecting the availability and functionality of the application. Users utilizing versions of Ivanti Secure Access Client prior to 22.7R4 should take necessary measures to mitigate potential exposure to this vulnerability.

References

https://forums.ivanti.com/s/article/Security-Advisory-Iva...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2024